cvs commit: ports/security/vuxml vuln.xml

Mon Jan 16 05:57:40 UTC 2012

On 2012-01-16 04:16, Akinori MUSHA wrote:
> knu         2012-01-16 03:16:01 UTC
> 
>   FreeBSD ports repository
> 
>   Modified files:
>     security/vuxml       vuln.xml 
>   Log:
>   Add PHP < 5.3.9 (CVE-2011-4885).
>   
>   Revision  Changes    Path
>   1.2549    +6 -1      ports/security/vuxml/vuln.xml
> 

I think this entry is not needed since it's already tracked
as vid="d3921810-3c80-11e1-97e8-00215c6a37bb"

+      <package>
+	<name>php5</name>
+	<range><lt>5.3.9</lt></range>
+      </package>
...
+      <cvename>CVE-2011-4885</cvename>

Existing entry:

  *<vuln vid="d3921810-3c80-11e1-97e8-00215c6a37bb">*
    <topic>php -- multiple vulnerabilities</topic>
    <affects>
      <package>
        *<name>php5</name>*
        <name>php5-exif</name>
        <range><lt>5.3.9</lt></range>
      </package>
...
    <references>
      <cvename>CVE-2011-4566</cvename>
      *<cvename>CVE-2011-4885</cvename>*
      <url>http://www.nruns.com/_downloads/advisory28122011.pdf</url>
    </references>
...